LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-21-2010, 09:59 AM   #1
AusFreak
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Rep: Reputation: 0
Question Authentication Issue su/sudo/pam Debian


Heyas,

Ive got an odd issue and i think ive narrowed it down to possibly PAM but i need some extra help for the community.

Issue:
I can login via ssh to my machine as a normal user but when i try to su to root gives me this error

xxxx@Halcon:/moo$ su
Password:
su: Authentication failure

The auth.log shows this:

Mar 21 19:14:15 Halcon unix_chkpwd[26449]: check pass; user unknown
Mar 21 19:14:15 Halcon unix_chkpwd[26449]: password check failed for user (root)
Mar 21 19:14:15 Halcon su[26448]: pam_unix(su:auth): authentication failure; logname=root uid=1000 euid=1000 tty=/dev/pts/5 ruser=xxxx rhost= user=root
Mar 21 19:14:18 Halcon su[26448]: pam_authenticate: Authentication failure
Mar 21 19:14:18 Halcon su[26448]: FAILED su for root by xxxx
Mar 21 19:14:18 Halcon su[26448]: /dev/pts/5 xxxx:root

Also have noticed this with password change:

xxxx@Halcon:/moo$ passwd xxxx
Changing password for xxxx.
(current) UNIX password:
passwd: Authentication token manipulation error
passwd: password unchanged

Auth.log Shows:

Mar 21 19:17:46 Halcon unix_chkpwd[26503]: check pass; user unknown
Mar 21 19:17:50 Halcon unix_chkpwd[26504]: check pass; user unknown
Mar 21 19:17:50 Halcon unix_chkpwd[26504]: password check failed for user (xxxx)
Mar 21 19:17:50 Halcon passwd[26502]: pam_unix(passwd:chauthtok): authentication failure; logname=root uid=1000 euid=1000 tty= ruser= rhost= user=xxxx

Sudo also gives me this
xxxx@Halcon:/moo$ sudo
sudo: must be setuid root

my user is in sudoers

Ive checked the perms on passwd and shadow
-rw-r----- 1 root shadow 1975 Mar 21 18:47 /etc/shadow
-rw-r--r-- 1 root root 2288 Mar 21 18:47 /etc/passwd

I tried creating a new user with guid of root and uid of 0 .. didnt work.

however if i allow root to ssh in it lets me in. its just the su/sudo/passwd that doesnt work.

If you guys have any suggestions or information that would be great, i have been looking all over the net yet have found nothing , thanks

edit: if i login via root into ssh i can su to xxxx (no passwd required) lets me straight in.
 
Old 03-21-2010, 04:23 PM   #2
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,275

Rep: Reputation: 370Reputation: 370Reputation: 370Reputation: 370
What are the permission of the sudo and su binaries (i.e. /bin/su and /usr/bin/sudo)? Is it possible that they don't have the setuid bit set? The permissions of your passwd and shadow file look correct (at least they match my Debian box). Also, can you post your /etc/pam.d/common-auth?
 
Old 03-21-2010, 05:37 PM   #3
AusFreak
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Original Poster
Rep: Reputation: 0
-rwsr-xr-x 1 root root 28448 Jul 24 2009 /bin/su
-rwsr-xr-x 2 root root 127856 Mar 12 09:52 /usr/bin/sudo

looks like the setuid bit is set.


#
# /etc/pam.d/common-auth - authentication settings common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of the authentication modules that define
# the central authentication scheme for use on the system
# (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the
# traditional Unix authentication mechanisms.
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)
auth [success=1 default=ignore] pam_unix.so nullok_secure
# here's the fallback if no module succeeds
auth requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
auth required pam_permit.so
# and here are more per-package modules (the "Additional" block)
# end of pam-auth-update config
 
Old 03-22-2010, 09:21 AM   #4
AusFreak
LQ Newbie
 
Registered: Mar 2010
Posts: 3

Original Poster
Rep: Reputation: 0
Issue RESOLVED:

i ran 'sudo bash'

sudo: /etc/sudoers is mode 0777, should be 0440
sudo: no valid sudoers sources found, quitting

chmod 0440 /etc/sudoers

works
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Running sudo with pam.d vwvr9 Linux - Security 2 05-05-2008 11:19 PM
PAM Authentication Issue SVI SUSE / openSUSE 2 09-27-2007 02:28 PM
vsftpd using Ldap+pam authentication issue PhillipHuang Linux - Software 1 09-26-2006 11:43 PM
Strange PAM/sudo problem (SLES9) chort SUSE / openSUSE 3 01-05-2006 05:45 PM
weird authentication issue with debian ssh Red Squirrel Linux - Software 6 09-07-2005 06:44 PM


All times are GMT -5. The time now is 11:56 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration